Beware of increasing use of confusing domain names for brand impersonation and fraud


The recent '.ca' domain name arbitration decision in Fluor Corporation v Fluor Curling (CDRP Dispute No 0281) highlights the growing problem of confusing domain names being registered and used to send emails impersonating businesses. Companies should be aware of this risk and the remedies available to address such issues when they arise. 

The most common use of a domain name is as a website address (eg, ''). Cybersquatters take advantage of this fact by registering domain names that are confusing with trademarks in order to sell them to the trademark owner at an inflated price, host pay-per-click ads, or divert internet traffic intended for the brand owner. Domain name arbitration is one of the tools available to recover such domain names from cybersquatters.

Another common use of a domain name is as the basis for company email addresses (eg, '[email protected]'). This fact can be exploited by persons registering confusing domain names for the purpose of sending impersonating emails, with or without a functioning website.

Canada’s '.ca' domain name registry provides for a relatively quick and inexpensive dispute resolution process to address bad faith domain name registrations. The CIRA Domain Name Dispute Resolution Policy (CDRP) is modelled after the UDRP and requires a complainant to establish three criteria:

  1. the domain name is confusingly similar to a trademark in which the complainant has rights;
  2. the domain name was registered in bad faith; and
  3. the registrant has no legitimate interest in the domain name.

In Fluor Corporation v Fluor Curling, Fluor Corporation sought transfer of the domain name ''. The domain name was not used for an active website. Instead, the evidence established that the domain was used to send emails from the address '[email protected]' to potential job seekers to obtain their personal information. The email included the name of Fluor Corporation’s actual human resources manager and asked recipients to complete an “interview form” bearing the name Fluor Corporation and its Canadian address, as well as the logo FLUOR®. The domain name registrant did not defend in the arbitration proceeding.

On the first criteria, Fluor Corporation submitted evidence that it operates in the field of engineering, construction and project management, with $27.4 billion in revenues in 2013 and 40,000 employees across six continents. Its trademark FLUOR was registered in Canada in 1973 and it operated websites using the domain names '' and ''. This was sufficient to establish rights in the mark FLUOR, and the domain name '' was found to be confusingly similar to this mark.

With respect to the criteria of bad faith, the use of the domain to send impersonating emails was held to be a clear example of bad faith conduct.

For the legitimate interest criteria, the registrant’s conduct in sending impersonating emails was sufficient evidence to shift the burden of establishing a legitimate interest to the registrant. While the registrant’s name from WHOIS records was Fluor Curling, which could potentially have established a legitimate interest, there was no evidence that this was a legal name or a name by which the registrant is commonly known.

Having met the three criteria, the domain name was ordered transferred.

Fraudulent emails using confusing domain names can be used for a range of purposes beyond seeking personal information, as was the case in the above decision. Two other possible scenarios are outlined below.

In one scenario, a food products company is impersonated by registration of the '.ca' version of its '.com' domain name. In an attempt to manipulate the stock price, the registrant uses the domain name to host a copycat website and send impersonating emails containing a false press release about a food recall. In such a case, the company’s counsel could request immediate take down of the fake website and locking of the email account through complaints to the domain registrar and/or website host. If desired, a CDRP proceeding or a court proceeding could be commenced to recover the domain name. Regulatory authorities and law enforcement would be contacted due to the stock manipulation.

In another scenario, a fraudster registers a domain name that is one letter different from a travel agency domain name. The domain name is used to send emails offering discounted travel packages and including a 1-800 contact number. The fraudster then issues fake invoices to unsuspecting victims and takes payment online. Once the matter comes to the attention of the travel agency, complaints could be made to the registrar and host to freeze the email account. A domain name arbitration proceeding could be commenced to recover the domain name. Law enforcement would be contacted due to the fraud and the host may be instructed to maintain the email records as evidence.

There are a range of possible remedies for companies that become aware of suspected impersonation through confusing domain names. Such remedies include negotiation, complaints to the registrar and hosting companies, CDRP or UDRP domain name arbitration proceedings and legal action. In appropriate cases, law enforcement may be contacted. 

Companies can also proactively identify domain names incorporating their trademarks through domain name search providers and can receive notice of all new domain name registrations incorporating key terms. This permits companies to regularly review the associated websites and WHOIS records for any evidence of trademark infringement or impersonation.

Daniel Anthony, Smart & Biggar/Fetherstonhaugh, Ottawa

Get unlimited access to all WTR content